Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Registry Issues


  • Please log in to reply

#1
dolface755

dolface755

    Member

  • Member
  • PipPipPip
  • 191 posts

Is there someone who could tell me how to delete obsolete files in the registry? I have a laptop given to me by my Mother, unfortunately she had this thing about downloading all the HP files she could possibly find. I do not have anything that is HP on the system and I don't connect to anything HP from this system eg: printer, etc  I keep finding more and more programs and files for HP and have deleted most of them, but I'm not that adapt at browsing through the registry and finding and deleting files.

If someone could help me that would be great. I know this system wont ever be extremely fast, but I'm thinking if I could get rid of some of these files, it would give me a little more disc space.

Also need some help changing the page.sys file as it is still showing that I only have 1gig or ram but I put in another 1 gig chip.

Thank you so much


Edited by dolface755, 02 November 2015 - 07:34 PM.

  • 0

Advertisements


#2
Metallica

Metallica

    Spyware Veteran

  • GeekU Moderator
  • 31,675 posts
Hi dolface755,

Technically there are no files in the registry. The registry is a database that holds a lot of settings.
Are they troubling you in any way that you want them gone?
Because if they are not I would leave them in place. Orphaned registry entries are of little or no matter.

https://blog.malware...ital-snake-oil/
  • 0

#3
dolface755

dolface755

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 191 posts

I'm not sure if they are troubling me. I complained to my ISP that my net speed was slow, and then sent me a link to test speed and it said I had 600+ registry errors and a bunch of computer OS errors, but it wouldn't let me fix them unless I paid some outrageous price for the software. I'm pretty good at deleting the obsolete files that are on the computer, like all the HP crap and a bunch of Acer preloaded crap that they told her she needed,, but when it comes to changing the registry and the page.sys I need a little help


  • 0

#4
Metallica

Metallica

    Spyware Veteran

  • GeekU Moderator
  • 31,675 posts
Well, editing the registry is a tricky bussiness.

First you will want to do a backup, so if anything goes wrong you can go back.

zrguS2W.png Tweaking Registry Backup
  • Please download Tweaking.com Registry Backup, choose mBVfJrI.pngand save the file to your desktop.
  • Right-click on zrguS2W.png icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
  • Install the tool by following the prompt.
  • Once installed, double-click on the Tweaking.com Registry Backup icon. 
  • The tool should automatically open to the Backup Registry tab. If not, click the Backup Registry tab.
  • Press Backup Now.
  • Once complete, the tool will tell you that Successful */* Files Backed Up.
  • You have now successfully backed up your Registry.
Then get the free version of CCleaner: https://www.piriform.com/ccleaner
and give that a try. At least you won't have wasted any money.

If that doesn't help we can get some logs and see if I can speed thing up a bit for you.
  • 0

#5
dolface755

dolface755

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 191 posts

Ok backed up and I already run CCleaner after almost everytime I log off the net..if there's no reason to remove these obsolete files for performance issues than I"m not that worried about them. Now if I can get the page.sys fixed or actually get the 2gig's I have in this machine to run properly I would be great. 

Like I said, I realize this is an older computer and will never be  "fast" just really annoying to wait up to 3 min for alot of pages I try loading on the net


  • 0

#6
dolface755

dolface755

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 191 posts

I was able to screen capture the results of the test that my ISP sent me to do to explain my speed issues. I'm going to try and download them so you can see and let me know if I need to be concerned

ok it won't let me attach a word or pic document 

 

 


  • 0

#7
Metallica

Metallica

    Spyware Veteran

  • GeekU Moderator
  • 31,675 posts
If you could follow steps 3 & 5 in this topic: http://www.geekstogo...cleaning-guide/
I'll have a look at the log and we will see what we can tweak in an effort to make it a bit faster.
  • 0

#8
Metallica

Metallica

    Spyware Veteran

  • GeekU Moderator
  • 31,675 posts
You'll have to click "More Reply Options" to see the "Attach" button. Screenshots should not be a problem unless they are too big. Docs won't be allowed and I wouldn't open them anyway. ;)
  • 0

#9
dolface755

dolface755

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 191 posts

Yea I saved both screen shots as Word files so it wouldn't let me upload them. Had a nasty message from Auslogics Malwayre this morning when I logged in, but it was mostly because I didn't clear my cache last night after being online, something I do religiously.

Anyways here are the two files. Thank you so much for going through them with me, I really wasn't looking forward to attempting a factory reset on this machine for the length of time I will be using it.

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:05-11-2015
Ran by home (administrator) on ACER-D928810BF0 (06-11-2015 20:45:49)
Running from C:\Documents and Settings\home\Desktop
Loaded Profiles: home (Available Profiles: home & Administrator)
Platform: Microsoft Windows XP Professional Service Pack 3 (X86) Language: English (United States)
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(ATI Technologies Inc.) C:\WINDOWS\System32\ATI2EVXX.EXE
(ATI Technologies Inc.) C:\WINDOWS\System32\ATI2EVXX.EXE
(Acer Inc.) C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Framework\Common\avguix.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Framework\Common\avgsvcx.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
() C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
() C:\Program Files\CyberLink\Shared Files\RichVideo.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
() C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
(Microsoft Corporation) C:\WINDOWS\System32\WBEM\unsecapp.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgcsrvx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgwdsvcx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgnsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgemcx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgrsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgui.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [ePower_DMC] => C:\Acer\Empowering Technology\ePower\ePower_DMC.exe [421888 2006-05-30] ()
HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\Av\avgui.exe [3826600 2015-10-30] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [AvgUi] => C:\Program Files\AVG\Framework\Common\avguix.exe [1130408 2015-10-16] (AVG Technologies CZ, s.r.o.)
Winlogon\Notify\AtiExtEvent: C:\WINDOWS\system32\Ati2evxx.dll [2006-04-27] (ATI Technologies Inc.)
Winlogon\Notify\SDWinLogon: SDWinLogon.dll [X]
BootExecute: autocheck autochk * sdnclean.exeC:\PROGRA~1\AVG\Av\avgrsx.exe /sync /restart
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 75.153.176.9
Tcpip\..\Interfaces\{F9660150-E81B-42D0-850D-AF7A2B5B319A}: [DhcpNameServer] 192.168.1.254 75.153.176.9
 
Internet Explorer:
==================
HKU\S-1-5-21-3344879686-2638717043-3166630987-1005\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://ca.rd.yahoo.com/customize/ycomp/defaults/sp/*hxxp://ca.yahoo.com
HKU\S-1-5-21-3344879686-2638717043-3166630987-1005\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
HKU\S-1-5-21-3344879686-2638717043-3166630987-1005\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.ca/
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27] (Adobe Systems Incorporated)
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2014-08-12] (RealDownloader)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_51\bin\ssv.dll [2015-08-07] (Oracle Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-08-07] (Oracle Corporation)
 
FireFox:
========
FF ProfilePath: C:\Documents and Settings\home\Application Data\Mozilla\Firefox\Profiles\xw8srnc8.default
FF DefaultSearchEngine: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxps://ca.yahoo.com/
FF Keyword.URL: hxxps://www.google.com/search?q=
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-15] ()
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\PROGRAM FILES\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\PROGRAM FILES\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\PROGRAM FILES\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\PROGRAM FILES\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-08-07] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-08-07] (Oracle Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=16.0.4.19 -> C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll [2015-09-05] (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.4 -> C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll [2014-08-12] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=16.0.4.19 -> C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll [2015-09-05] (RealPlayer)
FF Plugin: @realnetworks.com/npdlplugin;version=1 -> C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll [2014-08-12] (RealDownloader)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-22] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-22] (Google Inc.)
FF Extension: Facebook Ads Block - C:\Documents and Settings\home\Application Data\Mozilla\Firefox\Profiles\xw8srnc8.default\Extensions\jid1-CGxMej0nDJTjwQ@jetpack.xpi [2015-08-20]
FF Extension: Adblock Plus Pop-up Addon - C:\Documents and Settings\home\Application Data\Mozilla\Firefox\Profiles\xw8srnc8.default\Extensions\adblockpopups@jessehakanen.net.xpi [2015-08-20]
FF Extension: Adblock Plus - C:\Documents and Settings\home\Application Data\Mozilla\Firefox\Profiles\xw8srnc8.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-10-12]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-11-22] [not signed]
FF HKLM\...\Firefox\Extensions: [{1B12EF76-2B5E-4DA1-B587-4762D49BFE03}] - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2015-09-05] [not signed]
 
Chrome: 
=======
CHR HomePage: Default -> hxxps://ca.yahoo.com/
CHR StartupUrls: Default -> "hxxps://ca.yahoo.com/"
CHR DefaultSearchURL: Default -> hxxps://ca.search.yahoo.com/search?ei={inputEncoding}&fr=crmas&p={searchTerms}
CHR DefaultSearchKeyword: Default -> ca.yahoo.com
CHR DefaultSuggestURL: Default -> hxxps://ca.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command={searchTerms}
CHR Profile: C:\Documents and Settings\home\Local Settings\Application Data\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Documents and Settings\home\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-09-22]
CHR Extension: (Gmail) - C:\Documents and Settings\home\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-09-22]
CHR Extension: (Google Drive) - C:\Documents and Settings\home\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-09-22]
CHR Extension: (Google Search) - C:\Documents and Settings\home\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-09-22]
CHR Extension: (YouTube) - C:\Documents and Settings\home\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-22]
CHR Extension: (Google Slides) - C:\Documents and Settings\home\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-09-22]
CHR Extension: (Google Docs Offline) - C:\Documents and Settings\home\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-22]
CHR Extension: (Google Sheets) - C:\Documents and Settings\home\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-09-22]
CHR Extension: (Chrome Web Store Payments) - C:\Documents and Settings\home\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-09-22]
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AcerMemUsageCheckService; C:\Acer\Empowering Technology\ePerformance\MemCheck.exe [28672 2006-03-29] (Acer Inc.) [File not signed]
S3 AvgAMPS; C:\Program Files\AVG\Av\avgamps.exe [595376 2015-10-30] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files\AVG\Av\avgidsagent.exe [3815648 2015-10-30] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files\AVG\Framework\Common\avgsvcx.exe [862632 2015-10-16] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\Av\avgwdsvcx.exe [579776 2015-10-30] (AVG Technologies CZ, s.r.o.)
R2 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [73728 2006-02-17] (Hewlett-Packard Company) [File not signed]
S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S2 Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [73728 2007-08-09] (HP) [File not signed]
R2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2014-08-12] ()
R2 RichVideo; C:\Program Files\CyberLink\Shared Files\RichVideo.exe [143360 2005-01-21] () [File not signed]
R2 SDScannerService; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
S2 SDWSCService; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R0 abp480n5; C:\WINDOWS\System32\DRIVERS\ABP480N5.SYS [23552 2004-08-04] (Microsoft Corporation)
R1 AFS2K; C:\WINDOWS\system32\Drivers\AFS2K.sys [43672 2009-04-11] (Oak Technology Inc.)
R1 AmdK8; C:\WINDOWS\System32\DRIVERS\AmdK8.sys [36864 2006-05-10] (Advanced Micro Devices)
R1 Avgdiskx; C:\WINDOWS\System32\DRIVERS\avgdiskx.sys [156080 2015-08-10] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriverl; C:\WINDOWS\System32\DRIVERS\avgidsdriverlx.sys [243632 2015-10-19] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\WINDOWS\System32\DRIVERS\avgidshx.sys [231344 2015-08-20] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\WINDOWS\System32\DRIVERS\avgidsshimx.sys [31664 2015-08-14] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\WINDOWS\System32\DRIVERS\avgldx86.sys [229296 2015-10-21] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\WINDOWS\System32\DRIVERS\avglogx.sys [308656 2015-08-14] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\WINDOWS\System32\DRIVERS\avgmfx86.sys [192944 2015-10-21] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\WINDOWS\System32\DRIVERS\avgrkx86.sys [36784 2015-08-10] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\WINDOWS\System32\DRIVERS\avgtdix.sys [231856 2015-10-08] (AVG Technologies CZ, s.r.o.)
R3 BCM43XX; C:\WINDOWS\System32\DRIVERS\bcmwl5.sys [424320 2005-11-02] (Broadcom Corporation)
R3 EMSCR; C:\WINDOWS\System32\DRIVERS\EMS7SK.sys [61056 2006-05-24] (ENE Technology Inc.)
R3 ESDCR; C:\WINDOWS\System32\DRIVERS\ESD7SK.sys [40064 2006-05-24] (ENE Technology Inc.)
R3 ESMCR; C:\WINDOWS\System32\DRIVERS\ESM7SK.sys [74752 2006-05-24] (ENE Technology Inc.)
R3 HidUsb; C:\WINDOWS\System32\DRIVERS\hidusb.sys [9600 2004-08-04] (Microsoft Corporation) [File not signed]
R3 HSFHWAZL; C:\WINDOWS\System32\DRIVERS\HSFHWAZL.sys [208384 2006-06-12] (Conexant Systems, Inc.)
R3 HSF_DPV; C:\WINDOWS\System32\DRIVERS\HSF_DPV.sys [990592 2006-06-12] (Conexant Systems, Inc.)
R2 int15; C:\WINDOWS\system32\drivers\int15.sys [69632 2006-06-02] () [File not signed]
S3 irsir; C:\WINDOWS\System32\DRIVERS\irsir.sys [18688 2001-08-17] (Microsoft Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [23256 2015-10-05] (Malwarebytes)
R3 NTIDrvr; C:\WINDOWS\System32\DRIVERS\NTIDrvr.sys [6144 2006-06-20] (NewTech Infosystems, Inc.) [File not signed]
S3 NuidFltr; C:\WINDOWS\System32\DRIVERS\NuidFltr.sys [14736 2009-05-09] (Microsoft Corporation)
R3 Rasirda; C:\WINDOWS\System32\DRIVERS\rasirda.sys [19584 2001-08-17] (Microsoft Corporation)
S3 SMCIRDA; C:\WINDOWS\System32\DRIVERS\smcirda.sys [46592 2004-12-09] (SMSC)
R2 tvicport; C:\WINDOWS\system32\drivers\tvicport.sys [14544 2006-06-02] (EnTech Taiwan) [File not signed]
R2 zntport; C:\WINDOWS\system32\drivers\zntport.sys [6080 2006-06-02] (Zeal SoftStudio) [File not signed]
S3 catchme; \??\C:\DOCUME~1\home\LOCALS~1\Temp\catchme.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-11-06 20:45 - 2015-11-06 20:45 - 00015842 _____ C:\Documents and Settings\home\Desktop\FRST.txt
2015-11-06 20:45 - 2015-11-06 20:45 - 00000000 ____D C:\FRST
2015-11-06 20:42 - 2015-11-06 20:42 - 01702400 _____ (Farbar) C:\Documents and Settings\home\Desktop\FRST.exe
2015-11-05 02:58 - 2015-11-05 02:58 - 00000749 _____ C:\Documents and Settings\home\My Documents\Auslogics Anti-Malware.lnk
2015-11-05 02:54 - 2015-11-05 02:54 - 00004128 _____ C:\WINDOWS\INFCACHE.1
2015-11-05 02:52 - 2015-11-06 15:00 - 00000612 _____ C:\WINDOWS\Tasks\Auslogics BoostSpeed Scan and Repair.job
2015-11-02 22:49 - 2015-11-02 22:49 - 00000127 _____ C:\Documents and Settings\home\My Documents\Files named HPZ@.@.fnd
2015-11-02 00:30 - 2015-11-04 21:54 - 00000581 _____ C:\Documents and Settings\home\My Documents\AVG Protection.lnk
2015-10-29 14:58 - 2015-10-29 14:58 - 00000000 ____D C:\Documents and Settings\All Users\Foxit Software
2015-10-29 14:57 - 2015-10-29 14:57 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Foxit Reader
2015-10-24 23:32 - 2015-10-24 23:32 - 00000000 ____D C:\Documents and Settings\home\Local Settings\Temp
2015-10-16 17:05 - 2015-10-16 17:05 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Auslogics
2015-10-16 16:15 - 2015-10-16 16:55 - 00065536 _____ C:\WINDOWS\system32\config\TuneUp.evt
2015-10-16 16:15 - 2015-10-16 16:15 - 00000000 ____D C:\Documents and Settings\LocalService\Local Settings\Application Data\AVG
2015-10-16 16:12 - 2015-10-16 16:12 - 00000000 ____D C:\Documents and Settings\home\Application Data\AVG
2015-10-16 16:05 - 2015-10-16 16:06 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Avg
2015-10-12 15:43 - 2015-10-12 15:43 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\BSD
2015-10-12 14:21 - 2015-10-12 14:21 - 00000000 ____D C:\Program Files\Mozilla Firefox
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-11-06 20:46 - 2015-09-01 14:25 - 01395488 _____ C:\WINDOWS\WindowsUpdate.log
2015-11-06 20:36 - 2014-01-21 10:42 - 00000420 ____H C:\WINDOWS\Tasks\User_Feed_Synchronization-{3B11F248-9E1D-4583-9DDA-3BBA1F0533B1}.job
2015-11-05 03:46 - 2008-12-04 12:50 - 00002479 _____ C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Word.lnk
2015-11-05 02:54 - 2006-06-20 13:26 - 00000686 _____ C:\WINDOWS\win.ini
2015-11-02 22:43 - 2015-09-01 14:25 - 00000157 ____N C:\WINDOWS\wiadebug.log
2015-11-02 22:43 - 2006-06-20 15:15 - 00001158 _____ C:\WINDOWS\system32\wpa.dbl
2015-11-02 22:41 - 2006-06-20 15:16 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-11-02 22:39 - 2015-09-01 14:25 - 00000049 ____N C:\WINDOWS\wiaservc.log
2015-11-02 22:39 - 2015-08-23 17:55 - 00032588 ____N C:\WINDOWS\SchedLgU.Txt
2015-11-02 22:39 - 2008-11-12 18:49 - 00000178 ___SH C:\Documents and Settings\home\ntuser.ini
2015-11-02 22:39 - 2006-06-20 14:07 - 00524288 _____ C:\WINDOWS\system32\config\ACEEvent.evt
2015-11-01 22:47 - 2006-06-20 14:49 - 00209696 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-10-30 15:47 - 2015-08-06 15:06 - 00017920 ___SH C:\Documents and Settings\home\My Documents\Thumbs.db
2015-10-25 23:48 - 2015-09-22 20:53 - 00001721 _____ C:\Documents and Settings\home\My Documents\Google Chrome.lnk
2015-10-21 17:24 - 2015-06-16 15:54 - 00229296 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgldx86.sys
2015-10-21 17:14 - 2015-07-28 11:02 - 00192944 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgmfx86.sys
2015-10-19 09:06 - 2015-07-28 11:02 - 00243632 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgidsdriverlx.sys
2015-10-16 16:51 - 2015-09-22 20:51 - 00000882 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-10-16 16:51 - 2015-09-22 20:51 - 00000878 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-10-16 16:51 - 2015-09-19 20:55 - 00000644 _____ C:\WINDOWS\Tasks\Check for updates (Spybot - Search & Destroy).job
2015-10-16 16:51 - 2015-09-19 20:55 - 00000616 _____ C:\WINDOWS\Tasks\Refresh immunization (Spybot - Search & Destroy).job
2015-10-16 16:51 - 2015-09-19 20:55 - 00000446 _____ C:\WINDOWS\Tasks\Scan the system (Spybot - Search & Destroy).job
2015-10-16 16:51 - 2015-09-02 18:32 - 00000284 _____ C:\WINDOWS\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3344879686-2638717043-3166630987-1005.job
2015-10-16 16:51 - 2015-09-02 18:32 - 00000276 _____ C:\WINDOWS\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3344879686-2638717043-3166630987-1005.job
2015-10-16 14:02 - 2015-08-18 23:02 - 00170200 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-10-16 12:39 - 2015-09-30 14:53 - 00098980 _____ C:\Documents and Settings\home\DINWebPro-Medium.eot
2015-10-16 12:39 - 2015-09-30 14:53 - 00004846 _____ C:\Documents and Settings\home\style.css
2015-10-16 12:39 - 2015-09-30 14:53 - 00001032 _____ C:\Documents and Settings\home\index.htm
2015-10-08 08:48 - 2015-05-12 14:46 - 00231856 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgtdix.sys
 
==================== Files in the root of some directories =======
 
2014-01-21 12:34 - 2014-01-21 12:34 - 0000127 _____ () C:\Documents and Settings\home\Local Settings\Application Data\fusioncache.dat
2015-08-07 19:59 - 2015-09-05 13:16 - 0009216 _____ () C:\Documents and Settings\home\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-08-09 21:51 - 2015-08-09 21:51 - 0005914 _____ () C:\Documents and Settings\home\Local Settings\Application Data\HWVendorDetection.log
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
==================== End of FRST.txt ============================
 
 
 
Additional scan result of Farbar Recovery Scan Tool (x86) Version:05-11-2015
Ran by home (2015-11-06 20:47:02)
Running from C:\Documents and Settings\home\Desktop
Microsoft Windows XP Professional Service Pack 3 (X86) (2008-11-13 02:48:52)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-3344879686-2638717043-3166630987-500 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Administrator
ASPNET (S-1-5-21-3344879686-2638717043-3166630987-1003 - Limited - Enabled)
Guest (S-1-5-21-3344879686-2638717043-3166630987-501 - Limited - Enabled)
HelpAssistant (S-1-5-21-3344879686-2638717043-3166630987-1004 - Limited - Disabled)
home (S-1-5-21-3344879686-2638717043-3166630987-1005 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\home
SUPPORT_388945a0 (S-1-5-21-3344879686-2638717043-3166630987-1002 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: AVG AntiVirus Free Edition (Enabled - Up to date) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Acer Empowering Technology (HKLM\...\{AB6097D9-D722-4987-BD9E-A076E2848EE2}) (Version: 2.03.2024 - Acer)
Acer ePerformance Management (HKLM\...\{7057702F-6D71-4F30-8000-9E72BC771887}) (Version: 2.00.2007 - Acer)
Acer ePower Management (HKLM\...\{58E5844B-7CE2-413D-83D1-99294BF6C74F}) (Version: 2.00.2016a - )
Acer eSettings Management (HKLM\...\{1F2C8256-2773-46C7-9ABA-3E39C24ABB51}) (Version: 2.03.2017 - Acer)
Adobe Flash Player 12 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 12.0.0.54 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated)
ATI - Software Uninstall Utility (HKLM\...\All ATI Software) (Version: 6.14.10.1014 - )
ATI Catalyst Control Center (HKLM\...\{79B05AF4-8894-49A1-9FF4-53F0142D85E1}) (Version: 1.2.2308.14812 - )
ATI Display Driver (HKLM\...\ATI Display Driver) (Version: 8.251-060427a-034514C-Acer - )
Auslogics Anti-Malware (HKLM\...\{A5A6F7C9-F91E-45C7-8DAA-289CBB0C817D}_is1) (Version: 1.6.0.0 - Auslogics Labs Pty Ltd)
Auslogics BoostSpeed 8 (HKLM\...\{7216871F-869E-437C-B9BF-2A13F2DCE63F}_is1) (Version: 8.1.0.0 - Auslogics Labs Pty Ltd)
Auslogics DiskDefrag (HKLM\...\{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1) (Version: 6.0.2.0 - Auslogics Labs Pty Ltd)
AVG (Version: 16.7.7227 - AVG Technologies) Hidden
AVG 2016 (Version: 16.0.4457 - AVG Technologies) Hidden
AVG Protection (HKLM\...\AVG) (Version: 2016.7.7227 - AVG Technologies)
CCleaner (HKLM\...\CCleaner) (Version: 5.11 - Piriform)
Destinations (Version: 70.0.170.000 - Hewlett-Packard) Hidden
DocProc (Version: 7.0.0.0 - Hewlett-Packard) Hidden
FMW 1 (Version: 1.22.2 - AVG Technologies) Hidden
Foxit Reader (HKLM\...\Foxit Reader_is1) (Version: 7.2.2.929 - Foxit Software Inc.)
Google Chrome (HKLM\...\Google Chrome) (Version: 46.0.2490.80 - Google Inc.)
Google Update Helper (Version: 1.3.28.15 - Google Inc.) Hidden
HPPhotoSmartExpress (Version: 70.0.170.000 - Hewlett-Packard) Hidden
InstantShareAlert (Version: 1.00.0000 - HP) Hidden
InstantShareDevicesMFC (Version: 70.0.170.000 - Hewlett-Packard) Hidden
Java 8 Update 51 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218051F0}) (Version: 8.0.510 - Oracle Corporation)
LightScribe  1.4.74.1 (Version: 1.4.74.1 - hxxp://www.lightscribe.com) Hidden
Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft .NET Framework 1.1 (HKLM\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft Office 2000 Premium (HKLM\...\{00000409-78E1-11D2-B60F-006097C998E7}) (Version: 9.00.2720 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Mozilla Firefox 41.0.1 (x86 en-US) (HKLM\...\Mozilla Firefox 41.0.1 (x86 en-US)) (Version: 41.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 41.0.1.5750 - Mozilla)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
PanoStandAlone (Version: 70.0.170.000 - Hewlett-Packard) Hidden
PhotoScape (HKLM\...\PhotoScape) (Version:  - )
PokerStars.net (HKLM\...\PokerStars.net) (Version:  - PokerStars.net)
RealDownloader (Version: 1.3.4 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 5.10.0.5273 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (Version: 1.1.0 - RealNetworks, Inc.) Hidden
ScannerCopy (Version: 7.0.0.0 - Hewlett-Packard) Hidden
SMSC IrCC V5.1.3600.7 (HKLM\...\{F1B8DB67-D30E-4FF9-A85F-3CEE51825AA2}) (Version: r1.02 - )
Soft Data Fax Modem with SmartCP (HKLM\...\CNXT_MODEM_PCI_VEN_14F1&DEV_2BFA&SUBSYS_1025009F) (Version:  - )
Spybot - Search & Destroy (HKLM\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Status (Version: 70.0.170.000 - Hewlett-Packard) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 8.2.19.0 - Synaptics)
Toolbox (Version: 70.0.170.000 - Hewlett-Packard) Hidden
TrayApp (Version: 70.0.170.000 - Hewlett-Packard) Hidden
Unload (Version: 7.0.0 - Hewlett-Packard) Hidden
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
WebReg (Version: 70.0.170.000 - Hewlett-Packard) Hidden
Windows 7 Upgrade Advisor (HKLM\...\{AB05F2C8-F608-403b-95E1-FD8ADFACD31E}) (Version: 2.0.5000.0 - Microsoft Corporation)
Windows Driver Package - Advanced Micro Devices (AmdK8) Processor  (04/28/2006 1.3.1.0) (HKLM\...\9E140F48C9836B9B78539C08FB2B17146BDB3F65) (Version: 04/28/2006 1.3.1.0 - Advanced Micro Devices)
Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)
Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version:  - )
Windows Media Player 11 (HKLM\...\Windows Media Player) (Version:  - )
WinRAR 5.21 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== Restore Points =========================
 
03-09-2015 22:56:50 System Checkpoint
05-09-2015 10:54:02 System Checkpoint
06-09-2015 15:21:09 Installed AVG 2015
06-09-2015 15:22:54 Removed AVG 2015
09-09-2015 02:33:56 System Checkpoint
10-09-2015 18:36:46 System Checkpoint
17-09-2015 12:49:53 System Checkpoint
18-09-2015 14:39:14 System Checkpoint
20-09-2015 13:39:58 System Checkpoint
23-09-2015 00:38:52 System Checkpoint
29-09-2015 10:23:12 System Checkpoint
01-10-2015 20:31:42 System Checkpoint
07-10-2015 20:52:40 System Checkpoint
15-10-2015 00:07:43 System Checkpoint
16-10-2015 12:24:20 System Checkpoint
20-10-2015 05:22:59 System Checkpoint
21-10-2015 12:23:52 System Checkpoint
29-10-2015 13:58:47 Printer Driver Foxit Reader PDF Printer Driver Installed
01-11-2015 23:09:36 Installed AVG 2016
01-11-2015 23:11:48 Removed AVG 2015
01-11-2015 23:33:21 Installed AVG
02-11-2015 00:25:54 Installed AVG
02-11-2015 00:35:44 Removed AVG 2015
04-11-2015 23:26:37 System Checkpoint
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2004-08-04 05:00 - 2004-08-04 05:00 - 00000734 ____A C:\WINDOWS\system32\Drivers\etc\hosts
 
127.0.0.1       localhost
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3344879686-2638717043-3166630987-1005.job => C:\Program Files\Real\RealUpgrade\realupgrade.exe
Task: C:\WINDOWS\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3344879686-2638717043-3166630987-1005.job => C:\Program Files\Real\RealUpgrade\realupgrade.exe
Task: C:\WINDOWS\Tasks\Auslogics BoostSpeed Scan and Repair.job => C:\WINDOWS\system32\rundll32.exeFTaskSchedulerHelper.dll,RunTask BoostSpeed.exe
Task: C:\WINDOWS\Tasks\User_Feed_Synchronization-{3B11F248-9E1D-4583-9DDA-3BBA1F0533B1}.job => C:\WINDOWS\system32\msfeedssync.exe
Task: C:\WINDOWS\Tasks\Check for updates (Spybot - Search & Destroy).job => C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe
Task: C:\WINDOWS\Tasks\Refresh immunization (Spybot - Search & Destroy).job => C:\Program Files\Spybot - Search & Destroy 2\SDImmunize.exe
Task: C:\WINDOWS\Tasks\Scan the system (Spybot - Search & Destroy).job => C:\Program Files\Spybot - Search & Destroy 2\SDScan.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (Whitelisted) ==============
 
2008-11-12 18:52 - 2005-10-11 13:18 - 00028672 _____ () C:\Acer\Empowering Technology\ePower\SysHook.dll
2005-10-19 10:17 - 2005-10-19 10:17 - 00073728 _____ () C:\Program Files\ATI Technologies\ATI.ACE\atiacmxx.dll
2015-08-09 14:05 - 2015-08-09 14:05 - 03289088 _____ () c:\windows\assembly\nativeimages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_7511b2f2\mscorlib.dll
2015-08-09 14:05 - 2015-08-09 14:05 - 01929216 _____ () c:\windows\assembly\nativeimages1_v1.1.4322\system\1.0.5000.0__b77a5c561934e089_103bcdb3\system.dll
2015-11-02 00:17 - 2015-11-02 00:17 - 40500224 _____ () C:\Program Files\AVG\UiDll\2171\libcef.dll
2014-08-12 11:34 - 2014-08-12 11:34 - 00039056 _____ () C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
2005-01-21 19:37 - 2005-01-21 19:37 - 00143360 ____N () C:\Program Files\CyberLink\Shared Files\RichVideo.exe
2015-09-19 20:54 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2015-09-19 20:54 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files\Spybot - Search & Destroy 2\DEC150.bpl
2015-09-19 20:54 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2015-09-19 20:54 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files\Spybot - Search & Destroy 2\sqlite3.dll
2015-09-19 20:54 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2008-11-12 18:52 - 2006-05-30 12:11 - 00421888 _____ () C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
2015-08-09 14:05 - 2015-08-09 14:05 - 02994176 _____ () c:\windows\assembly\nativeimages1_v1.1.4322\system.windows.forms\1.0.5000.0__b77a5c561934e089_4d92b817\system.windows.forms.dll
2015-08-09 14:05 - 2015-08-09 14:05 - 00835584 _____ () c:\windows\assembly\nativeimages1_v1.1.4322\system.drawing\1.0.5000.0__b03f5f7f11d50a3a_0469f7da\system.drawing.dll
2008-11-12 18:52 - 2005-10-20 17:20 - 00208896 _____ () C:\Acer\Empowering Technology\ePower\DialogDLL.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)
 
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-3344879686-2638717043-3166630987-1005\Control Panel\Desktop\\Wallpaper -> C:\Documents and Settings\home\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
DNS Servers: 192.168.1.254 - 75.153.176.9
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Acer Empowering Technology.lnk => C:\WINDOWS\pss\Acer Empowering Technology.lnkCommon Startup
MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk => C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup
MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\WINDOWS\pss\HP Digital Imaging Monitor.lnkCommon Startup
MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Photosmart Premier Fast Start.lnk => C:\WINDOWS\pss\HP Photosmart Premier Fast Start.lnkCommon Startup
MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk => C:\WINDOWS\pss\Microsoft Office.lnkCommon Startup
MSCONFIG\startupreg: Acer ePresentation HPD => C:\Acer\Empowering Technology\ePresentation\ePresentation.exe
MSCONFIG\startupreg: ATICCC => "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
MSCONFIG\startupreg: AzMixerSel => C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
MSCONFIG\startupreg: Boot => C:\Acer\Empowering Technology\ePower\Boot.exe
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
MSCONFIG\startupreg: ContentTransferWMDetector.exe => C:\Program Files\Sony\Content Transfer\ContentTransferWMDetector.exe
MSCONFIG\startupreg: ctfmon.exe => C:\WINDOWS\system32\ctfmon.exe
MSCONFIG\startupreg: ePower_DMC => C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
MSCONFIG\startupreg: MSC => "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
MSCONFIG\startupreg: ntiMUI => C:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
MSCONFIG\startupreg: RTHDCPL => RTHDCPL.EXE
MSCONFIG\startupreg: SDTray => "C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe"
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SynTPEnh => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
MSCONFIG\startupreg: TkBellExe => "C:\Program Files\Real\RealPlayer\update\realsched.exe"  -osboot
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
StandardProfile\AuthorizedApplications: [D:\setup\HPZNET01.EXE] => Enabled:hpznet01.exe
StandardProfile\AuthorizedApplications: [D:\setup\HPONICIFS01.EXE] => Enabled:hponicifs01.exe
StandardProfile\AuthorizedApplications: [C:\Documents and Settings\home\Application Data\uTorrent\uTorrent.exe] => Enabled:µTorrent (home)
StandardProfile\AuthorizedApplications: [C:\Program Files\AVG\AVG2015\avgmfapx.exe] => Enabled:AVG Installer
StandardProfile\AuthorizedApplications: [C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
StandardProfile\AuthorizedApplications: [C:\Program Files\Google\Chrome\Application\chrome.exe] => Enabled:Google Chrome
StandardProfile\AuthorizedApplications: [C:\Program Files\Mozilla Firefox\firefox.exe] => Enabled:Firefox (C:\Program Files\Mozilla Firefox)
StandardProfile\AuthorizedApplications: [C:\Program Files\AVG\Av\avgmfapx.exe] => Enabled:AVG Installer
StandardProfile\AuthorizedApplications: [C:\Program Files\AVG\Av\avgnsx.exe] => Enabled:Online Shield
StandardProfile\AuthorizedApplications: [C:\Program Files\AVG\Av\avgdiagex.exe] => Enabled:AVG Diagnostics
StandardProfile\AuthorizedApplications: [C:\Program Files\AVG\Av\avgemcx.exe] => Enabled:Personal Email Scanner
DomainProfile\GloballyOpenPorts: [139:TCP] => Enabled:@xpsp2res.dll,-22004
DomainProfile\GloballyOpenPorts: [445:TCP] => Enabled:@xpsp2res.dll,-22005
DomainProfile\GloballyOpenPorts: [137:UDP] => Enabled:@xpsp2res.dll,-22001
DomainProfile\GloballyOpenPorts: [138:UDP] => Enabled:@xpsp2res.dll,-22002
StandardProfile\GloballyOpenPorts: [1900:UDP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22007
StandardProfile\GloballyOpenPorts: [2869:TCP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22008
StandardProfile\GloballyOpenPorts: [139:TCP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22004
StandardProfile\GloballyOpenPorts: [445:TCP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22005
StandardProfile\GloballyOpenPorts: [137:UDP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22001
StandardProfile\GloballyOpenPorts: [138:UDP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22002
 
==================== Faulty Device Manager Devices =============
 
Name: Realtek RTL8139/810x Family Fast Ethernet NIC
Description: Realtek RTL8139/810x Family Fast Ethernet NIC
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Realtek Semiconductor Corp.
Service: RTL8023xp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (11/02/2015 10:42:00 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description: Unable to open the Server service. Server performance data
will not be returned. Error code returned is in data DWORD 0.
 
Error: (11/02/2015 12:41:12 AM) (Source: PerfNet) (EventID: 2004) (User: )
Description: Unable to open the Server service. Server performance data
will not be returned. Error code returned is in data DWORD 0.
 
Error: (11/02/2015 12:09:24 AM) (Source: PerfNet) (EventID: 2004) (User: )
Description: Unable to open the Server service. Server performance data
will not be returned. Error code returned is in data DWORD 0.
 
Error: (11/01/2015 11:41:54 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description: Unable to open the Server service. Server performance data
will not be returned. Error code returned is in data DWORD 0.
 
Error: (11/01/2015 11:29:27 PM) (Source: MsiInstaller) (EventID: 10005) (User: ACER-D928810BF0)
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG -- Error 27046. CA_Error27046: DriverInstallation(0xA0010004): Driver installation failed
 
Error: (11/01/2015 11:29:27 PM) (Source: MsiInstaller) (EventID: 10005) (User: ACER-D928810BF0)
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG -- Error 27046. CA_Error27046: DriverInstallationFun(0xA0010004): Driver installation failed
 
Error: (11/01/2015 10:48:03 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description: Unable to open the Server service. Server performance data
will not be returned. Error code returned is in data DWORD 0.
 
Error: (10/24/2015 10:31:45 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description: Unable to open the Server service. Server performance data
will not be returned. Error code returned is in data DWORD 0.
 
Error: (10/22/2015 11:51:12 AM) (Source: PerfNet) (EventID: 2004) (User: )
Description: Unable to open the Server service. Server performance data
will not be returned. Error code returned is in data DWORD 0.
 
Error: (10/20/2015 05:13:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application ccleaner.exe, version 5.10.0.5373, faulting module unknown, version 0.0.0.0, fault address 0x02eaad10.
Processing media-specific event for [ccleaner.exe!ws!]
 
 
System errors:
=============
Error: (11/04/2015 09:50:31 PM) (Source: Dhcp) (EventID: 1000) (User: )
Description: Your computer has lost the lease to its IP address 192.168.1.67 on the
Network Card with network address 00197E07DB72.
 
Error: (11/03/2015 02:05:58 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Spybot-S&D 2 Updating Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
 
Error: (11/03/2015 12:23:54 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Spybot-S&D 2 Updating Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
 
Error: (11/02/2015 10:44:21 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Pml Driver HPZ12 service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (11/02/2015 10:44:11 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Spybot-S&D 2 Updating Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
 
Error: (11/02/2015 10:43:20 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Spybot-S&D 2 Security Center Service service failed to start due to the following error: 
%%1053
 
Error: (11/02/2015 10:43:20 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Timeout (30000 milliseconds) waiting for the Spybot-S&D 2 Security Center Service service to connect.
 
Error: (11/02/2015 01:26:43 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Pml Driver HPZ12 service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (11/02/2015 12:42:31 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Spybot-S&D 2 Security Center Service service failed to start due to the following error: 
%%1053
 
Error: (11/02/2015 12:42:31 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Timeout (30000 milliseconds) waiting for the Spybot-S&D 2 Security Center Service service to connect.
 
 
==================== Memory info =========================== 
 
Processor: AMD Turion™ 64 Mobile Technology MK-38
Percentage of memory in use: 42%
Total physical RAM: 1790.1 MB
Available physical RAM: 1033 MB
Total Virtual: 3427.08 MB
Available Virtual: 2740.29 MB
 
==================== Drives ================================
 
Drive c: (ACER) (Fixed) (Total:93.13 GB) (Free:74.2 GB) FAT32 ==>[drive with boot components (Windows XP)]
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 93.2 GB) (Disk ID: 5EA4F703)
Partition 1: (Active) - (Size=93.2 GB) - (Type=0C)
 
==================== End of Addition.txt ============================

Edited by dolface755, 06 November 2015 - 10:52 PM.

  • 0

#10
Metallica

Metallica

    Spyware Veteran

  • GeekU Moderator
  • 31,675 posts
Not sure if you still need these:
R2 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [73728 2006-02-17] (Hewlett-Packard Company) [File not signed]
http://www.bleepingc...vice-17133.html

R1 AFS2K; C:\WINDOWS\system32\Drivers\AFS2K.sys [43672 2009-04-11] (Oak Technology Inc.)
http://www.bleepingc...FS2K-25330.html

Both are HP related. Other then that there are some HP Leftovers in the In stalled Programs list with the Hidden label. Those are probably leftovers as well and should be safe to remove. But I don't see anything fundamentally wrong nor a lot of unnecessary bloatware.
  • 0

Advertisements


#11
dolface755

dolface755

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 191 posts

one thing I forgot to mention was that I find the longer the computer is left on the less time it takes for pages to load and the less problems I have loading pages. If I reboot for any reason it takes up to 2 days for me to even be able to view pages I had been able to before the rebooting. 

Thank you for going over the logs. I'm not sure I know how to unilnstalled hidden files. That one is new to me. I usually use my CCleaner program to unstall programs and to make sure start up programs are cleaned up, etc...Do I have to use the uninstall in Control Panel or is there something I need to click to be able to view the hidden programs?


  • 0

#12
Metallica

Metallica

    Spyware Veteran

  • GeekU Moderator
  • 31,675 posts
If you want them gone I can help you with that. They do not show in the Add/Remove Software list. That is where the Hidden stands for.

Regarding the page views: does it matter which browser you use?
We can try some different DNS servers and see if that helps. You can also try if leaving the cache alone when you reboot will help.
Obviously I can't look in your wallet, but I think even a cheap replacement would be progress for you. ;)
  • 0

#13
dolface755

dolface755

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 191 posts

I've tried using firefox but keep getting flash errors or other errors. I'm currently using Chrome, but I'm trying to figure out when I go into Task Manager why I always have 5 or 6 different chrome's running when I only have one page open. Don't know if I"ve ever done anything with the DNS servers. I finally found a very nice computer store manager that is letting me pay off a new laptop monthly, that is why I'm just trying to do what I can with this one. Unfortunately being disabled, I dont have alot of extra funds, so if it wasn't for this nice man I wouldn't be able to even consider getting a new one as I don't believe in credit cards and don't have the funds to just drop on a new computer. But being disabled I"m often stuck in bed for days, so the laptop is frequently my only source of outside contact.

If you don't think the playing with the files will help the speed then I won't worry about it. Is there a way to change my page.sys file? it's only registering 1.7gig's of RAM and I have 2gig's installed? not sure if that will change the speed of things or not. Whatever you think will or will not make a difference is fine with me. I"m looking at about 8 months before getting the new one.

Unless of course I won the LottoMax on friday


  • 0

#14
Metallica

Metallica

    Spyware Veteran

  • GeekU Moderator
  • 31,675 posts
As you probably already found out page.sys is the Virtual memory your computer uses when it runs out of RAM.
There are ways of changing the settings https://www.microsof...e.mspx?mfr=true
You can play around with them a bit and see if it helps. Adding extra RAM would be a waste of money IMHO.

Here is a site about speeding up Windows XP that I can recommend: http://www.blackvipe...p-super-tweaks/
Maybe you can use some of the tips to gain some speed.

The amount of running chrome.exe processes is normal: http://www.howtogeek...open-processes/
  • 0

#15
dolface755

dolface755

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 191 posts

ok thank you so much. I will go over the tweaks and see what if any help and try the page too. I noticed on my old desktop that was running windows xp that once I changed the page.sys it seem to speed up just a little. Like I said, I was just trying to get a little more use out of the system until I am able to pay off the new one. Thank you so much for your help and suggestions. You have been absolutely great I really appreciate it


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP